- The MAILING DATE of this communication appears on the cover sheet with the correspondence address - 
Period for Reply 



A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) OR THIRTY (30) DAYS, 
WHICHEVER IS LONGER, FROM THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1.136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1) [X] Responsive to communication(s) filed on 15 April 2004. 
2a) [ ] This action is FINAL. 2b) [X] This action is non-final. 

3) [ ] Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 
closed in accordance with the practice under Ex parte Quayle, 1935 C.D. 11, 453 O.G. 213. 

Disposition of Claims 

4) [X] Claim(s) 1-17 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) [ ] Claim(s) is/are allowed. 

6) [X] Claim(s) 1-17 is/are rejected. 

7) [ ] Claim(s) is/are objected to. 

8) [ ] Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) [X] The specification is objected to by the Examiner. 

10) [X] The drawing(s) filed on 15 April 2004 is/are: a) [ ] accepted or b) [X] objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a). 

Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 

11) [ ] The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 
* See the attached detailed Office action for a list of the certified copies not received. 

DETAILED ACTION 

1. Claims 1-17 have been examined. 

Drawings 

2. The drawings are objected to as failing to comply with 37 CFR 1.84(p)(5) because 
they do not include the following reference sign(s) mentioned in the description: 10, 12, 
14, 16, 18, 20, 134, 136, 138, 140, 142, and 144. 

Corrected drawing sheets in compliance with 37 CFR 1.121(d) are required in 
reply to the Office action to avoid abandonment of the application. Any amended 
replacement drawing sheet should include all of the figures appearing on the immediate 
prior version of the sheet, even if only one figure is being amended. Each drawing sheet 
submitted after the filing date of an application must be labeled in the top margin as 
either "Replacement Sheet" or "New Sheet" pursuant to 37 CFR 1.121(d). If the changes 
are not accepted by the examiner, the applicant will be notified and informed of any 
required corrective action in the next Office action. The objection to the drawings will 
not be held in abeyance. 

Specification 

3. Applicant is requested to provide the missing serial numbers for the related cases 
cited in paragraph [0001]. 

4. The specification is objected to because reference characters "140" and "142", 
although not present in the drawings (see the drawing objection above), appear to have 
been used to designate multiple elements (140 appears to describe a vulnerability 
assessment in paragraph [0010] and rectangular entities in paragraph [0112]; 142 appears 
to describe a vulnerability database in paragraph [0010] and ovals in paragraph [0112]). 

Claim Objections 

5. Claim 11 is objected to under 37 CFR 1.75(c), as being of improper dependent 
form for failing to further limit the subject matter of a previous claim. Applicant is 
required to cancel the claim(s), or amend the claim(s) to place the claim(s) in proper 
dependent form, or rewrite the claim(s) in independent form. 

Claim 11 recites what the lattice values (of claim 10) "can" include. Such 
permissive language does not require that the lattice values necessarily include any of the 
subsequent characteristics recited in the claim. Language that suggests or makes optional 
but does not require steps to be performed or does not limit a claim to a particular 
structure does not limit the scope of a claim or claim limitation. See MPEP §2106. 

Alternative expressions are permitted if they present no uncertainty or ambiguity 
with respect to the question of scope or clarity of the claims. One acceptable form of 
alternative expression, which is commonly referred to as a Markush group, recites 
members as being "selected from the group consisting of A, B and C." See Ex parte 
Markush, 1925 C.D. 126 (Comm'r Pat. 1925). 

Claim Rejections - 35 USC § 112 

6. The following is a quotation of the second paragraph of 35 U.S.C. 112: 

The specification shall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter which the applicant regards as his invention. 

7. Claim 17 is rejected under 35 U.S.C. 112, second paragraph, as being 
indefinite for failing to particularly point out and distinctly claim the subject matter 
which applicant regards as the invention. 

Claim 17 refers to "The system of claim 20" in line 1. It is noted that no such 
claim 20 exists. In the interest of compact prosecution, this reference to claim 20 is 
subsequently interpreted as referring instead to claim 16 for the purpose of further 
examination. 

Claim Rejections - 35 USC §101 

8. 35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or composition of 
matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the 
conditions and requirements of this title. 

9. Claims 1-17 are rejected under 35 U.S.C. 101 because the claimed invention is 
directed to non-statutory subject matter. 

The language of claims 1-17 raises a question as to whether the claims are 
directed merely to an abstract idea that is not tied to a technological art, environment or 
machine which would result in a practical application producing a concrete, useful, and 
tangible result to form the basis of statutory subject matter under 35 U.S.C. §101. 

The claimed methods and systems of claims 1-17 are not tangibly embodied, as 
they do not require the use of hardware to realize the prescribed functionality, nor do the 
prescribed methods produce any tangible result. 

Further, it is noted that claims 16 and 17 recite systems comprising merely 
"computer implemented logic". Such "logic", presumably computer software elements 
or computer programs representing computer listings, constitutes non-functional 
descriptive material, per se, as it does not define any structural and functional 
interrelationships between the computer program and other claimed aspects of the 
invention which permit the computer program's functionality to be realized. Since a 
computer program is merely a set of instructions capable of being executed by a 
computer, the program itself is not a process, without the computer-readable medium 
needed to realize the computer program's functionality. 

10. To expedite a complete examination of the instant application, the claims rejected 
under 35 U.S.C. §101 (non-statutory) above are further rejected as set forth below in 
anticipation of Applicant amending these claims to place them within the four statutory 
categories of invention. 

Claim Rejections - 35 USC § 102 

11. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 
States. 

12. Claims 1-17 are rejected under 35 U.S.C. 102(b) as being anticipated by David 
Wagner, et al., "A First Step Towards Automated Detection of Buffer Overrun 
Vulnerabilities," Proceedings of the Network and Distributed System Security 
Symposium, Feb. 2000 (hereinafter Wagner et al.). 

As per claims 1, 15, and 16, Wagner et al. discloses analyzing variables in source 
code and creating models therefrom in which each model specifies pre-determined 
characteristics about each variable (see, for example, section 1.1); using the variable 
models to create models of arguments to routine calls in the source code (see, for 
example, sections 1.1 and 3); and using the argument models in conjunction with 
pre-specified criteria for the corresponding routine calls to determine whether the routine 
calls possess vulnerabilities as a consequence of the arguments and known routine 
behavior (see, for example, sections 1.1 and 4). 

As per claim 2, Wagner et al. further discloses the models specifying the memory 
size of a variable (see, for example, sections 1.1 and 3). 

As per claim 3, Wagner et al. further discloses the models specifying the data size 
of a variable (see, for example, sections 1.1 and 3). 

As per claim 4, Wagner et al. further discloses the models specifying whether the 
variable is a null terminated string or not null terminated string for variables of string 
value type (see, for example, sections 1.1 and 3). 

As per claim 5, Wagner et al. further discloses the models specifying the type of 
memory of a variable (see, for example, sections 1.1 and 3). 

As per claim 6, Wagner et al. further discloses the models specifying the value of 
a string for variables that are of a string value type (see, for example, sections 1.1 and 3). 

As per claim 7, Wagner et al. further discloses the models specifying the origin of 
the data for a variable (see, for example, sections 1.1 and 3). 

As per claim 8, Wagner et al. further discloses the models specifying 
characteristics of variable arguments (see, for example, sections 1.1 and 3). 

As per claim 9, Wagner et al. further discloses the models specifying 
characteristics of expression arguments (see, for example, sections 1.1 and 3). 

As per claim 10, Wagner et al. further discloses the models being specified as 
lattices (see, for example, sections 2 and 3). 

As per claim 11, Wagner et al. further discloses the lattice values can include a 
value to represent no knowledge, a value to represent inconsistent knowledge, and a 
value to represent a refinement of knowledge (see, for example, sections 2 and 3). 

As per claim 12, Wagner et al. further discloses the value to represent a 
refinement of knowledge including values to specify a range of specific values (see, for 
example, sections 2 and 3). 

As per claim 13, Wagner et al. further discloses the pre-specified criteria for the 
corresponding routine including rules about the semantic behavior of the routine (see, for 
example, sections 1.1 and 3). 

As per claim 14, Wagner et al. further discloses the vulnerabilities being buffer 
overflows (see, for example, section 1.1). 

As per claim 17, Wagner et al. further discloses a database specifying rules to 
detect vulnerabilities based on an analysis of the argument models (see, for example, 
sections 1.1 and 3). 

Conclusion 



13. The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. 

14. Any inquiry concerning this communication or earlier communications from the 
Examiner should be directed to Eric B. Kiss whose telephone number is (571) 272-3699. 
The Examiner can normally be reached on Tue. - Fri., 7:00 am - 4:30 pm. The Examiner 
can also be reached on alternate Mondays. 

If attempts to reach the Examiner by telephone are unsuccessful, the Examiner's 
supervisor, Tuan Dam, can be reached on (571) 272-3695. The fax phone number for the 
organization where this application or proceeding is assigned is (571) 273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. Status 
information for unpublished applications is available through Private PAIR only. For 
more information about the PAIR system, see http://pair-direct.uspto.gov. Should you 
have questions on access to the Private PAIR system, contact the Electronic Business 
Center (EBC) at 866-217-9197 (toll-free). 

Any inquiry of a general nature should be directed to the TC 2100 Group 
receptionist: 571-272-2100. 



EBK 

September 2, 2005 




